From bf4edb40561674d0f0b4bae1202691af294ab0af Mon Sep 17 00:00:00 2001
From: Nicolas Viennot <nicolas@viennot.biz>
Date: Wed, 12 Jun 2013 01:28:01 -0400
Subject: [PATCH] Authenticating the server

---
 tmate-ssh-client.c | 61 ++++++++++++++++++++++++++++++++++++++++++----
 tmate.h            |  6 ++++-
 2 files changed, 61 insertions(+), 6 deletions(-)

diff --git a/tmate-ssh-client.c b/tmate-ssh-client.c
index 497b7128..abc23fa3 100644
--- a/tmate-ssh-client.c
+++ b/tmate-ssh-client.c
@@ -71,6 +71,13 @@ static void consume_channel(struct tmate_ssh_client *client)
 
 static void on_session_event(struct tmate_ssh_client *client)
 {
+	ssh_key pubkey;
+	int key_type;
+	unsigned char *hash;
+	ssize_t hash_len;
+	char *hash_str;
+	int match;
+
 	int verbosity = SSH_LOG_RARE;
 	int port = TMATE_PORT;
 
@@ -94,10 +101,10 @@ static void on_session_event(struct tmate_ssh_client *client)
 		}
 
 		ssh_set_blocking(session, 0);
-		ssh_options_set(session, SSH_OPTIONS_HOST, "localhost");
+		ssh_options_set(session, SSH_OPTIONS_HOST, TMATE_HOST);
 		ssh_options_set(session, SSH_OPTIONS_LOG_VERBOSITY, &verbosity);
 		ssh_options_set(session, SSH_OPTIONS_PORT, &port);
-		ssh_options_set(session, SSH_OPTIONS_USER, TMATE_HOST);
+		ssh_options_set(session, SSH_OPTIONS_USER, "tmate");
 		ssh_options_set(session, SSH_OPTIONS_COMPRESSION, "yes");
 
 		tmate_debug("Connecting...");
@@ -116,13 +123,57 @@ static void on_session_event(struct tmate_ssh_client *client)
 		case SSH_OK:
 			register_session_fd_event(client);
 			tmate_debug("Connected");
-			client->state = SSH_AUTH;
+			client->state = SSH_AUTH_SERVER;
 			/* fall through */
 		}
 
-	/* TODO Authenticate server */
+	case SSH_AUTH_SERVER:
+		if ((hash_len = ssh_get_pubkey_hash(session, &hash)) < 0) {
+			tmate_debug("Cannnot authenticate server");
+			disconnect_session(client);
+			return;
+		}
 
-	case SSH_AUTH:
+		hash_str = ssh_get_hexa(hash, hash_len);
+		if (!hash_str)
+			tmate_fatal("malloc failed");
+
+		if (ssh_get_publickey(session, &pubkey) < 0)
+			tmate_fatal("ssh_get_publickey");
+
+#ifdef DEVENV
+		match = 1;
+#else
+		key_type = ssh_key_type(pubkey);
+		switch (key_type) {
+		case SSH_KEYTYPE_DSS:
+			match = !strcmp(hash_str, TMATE_HOST_DSA_KEY);
+			break;
+		case SSH_KEYTYPE_RSA:
+			match = !strcmp(hash_str, TMATE_HOST_RSA_KEY);
+			break;
+		case SSH_KEYTYPE_ECDSA:
+			match = !strcmp(hash_str, TMATE_HOST_ECDSA_KEY);
+			break;
+		default:
+			match = 0;
+		}
+#endif
+
+		ssh_key_free(pubkey);
+		ssh_clean_pubkey_hash(&hash);
+		free(hash_str);
+
+		if (!match) {
+			tmate_debug("Cannnot authenticate server");
+			disconnect_session(client);
+			return;
+		}
+
+		client->state = SSH_AUTH_CLIENT;
+		/* fall through */
+
+	case SSH_AUTH_CLIENT:
 		switch (ssh_userauth_autopubkey(session, NULL)) {
 		case SSH_AUTH_AGAIN:
 			return;
diff --git a/tmate.h b/tmate.h
index 46800aa5..3acabed4 100644
--- a/tmate.h
+++ b/tmate.h
@@ -69,6 +69,9 @@ extern void tmate_decoder_commit(struct tmate_decoder *decoder, size_t len);
 #else
 #define TMATE_HOST "tmate.io"
 #define TMATE_PORT 22
+#define TMATE_HOST_DSA_KEY   "f5:26:31:c3:8a:78:6e:5c:77:74:0f:41:5b:5f:21:88"
+#define TMATE_HOST_RSA_KEY   "af:2d:81:c1:fe:49:70:2d:7f:09:a9:d7:4b:32:e3:be"
+#define TMATE_HOST_ECDSA_KEY "c7:a1:51:36:d2:bb:35:4b:0a:1a:c0:43:97:74:ea:42"
 #endif
 
 typedef struct ssh_session_struct* ssh_session;
@@ -78,7 +81,8 @@ enum tmate_ssh_client_state_types {
 	SSH_NONE,
 	SSH_INIT,
 	SSH_CONNECT,
-	SSH_AUTH,
+	SSH_AUTH_SERVER,
+	SSH_AUTH_CLIENT,
 	SSH_OPEN_CHANNEL,
 	SSH_BOOTSTRAP,
 	SSH_READY,